Jeffrey Bernardino

TrendLabs recently received a new FAKEAV sample, which we now detect as TROJ_FAKEAV.BLW. Like previous variants, it poses as a legitimate antivirus application that displays false detections, disables firewall and security center functions, and produces pop-up warnings to force affected users to purchase rogue antivirus software. Unlike its predecessors, however, this sample uses the file…